This document discusses message authentication techniques. It covers message authentication requirements such as preventing disclosure, modification, and repudiation of messages. It then describes various message authentication functions including hash-based MACs like HMAC, block cipher-based MACs like CMAC, and authenticated encryption modes like CCM and GCM. It also covers key wrapping and pseudorandom number generation using hash functions and MACs. The goal of message authentication codes and authenticated encryption is to verify that messages come from the alleged source and have not been altered.
This Presentation Elliptical Curve Cryptography give a brief explain about this topic, it will use to enrich your knowledge on this topic. Use this ppt for your reference purpose and if you have any queries you'll ask questions.
A brief discussion of network security and an introduction to cryptography. We end the presentation with a discussion of the RSA algorithm, and show how it works with a basic example.
Introduction to Public key Cryptosystems with block diagrams
Reference : Cryptography and Network Security Principles and Practice , Sixth Edition , William Stalling
This Presentation Elliptical Curve Cryptography give a brief explain about this topic, it will use to enrich your knowledge on this topic. Use this ppt for your reference purpose and if you have any queries you'll ask questions.
A brief discussion of network security and an introduction to cryptography. We end the presentation with a discussion of the RSA algorithm, and show how it works with a basic example.
Introduction to Public key Cryptosystems with block diagrams
Reference : Cryptography and Network Security Principles and Practice , Sixth Edition , William Stalling
A description about image Compression. What are types of redundancies, which are there in images. Two classes compression techniques. Four different lossless image compression techiques with proper diagrams(Huffman, Lempel Ziv, Run Length coding, Arithmetic coding).
An introduction to asymmetric cryptography with an in-depth look at RSA, Diffie-Hellman, the FREAK and LOGJAM attacks on TLS/SSL, and the "Mining your P's and Q's attack".
CMACs and MACS based on block ciphers, Digital signatureAdarsh Patel
cmcs
MACs based on Block Ciphers
Digital Signature
Properties , Requirements and Security of Digital Signature
Various digital signature schemes ( Elgamal and Schnorr )
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
Information And Data Security Block Cipher and the data encryption standard (DES) seminar
Mustansiriya University
Department of Education
Computer Science
Pretty Good Privacy,PGP Confidentiality and Authentication,Secure/Multipurpose Internet Mail Extension (S/MIME),Secure/Multipurpose Internet Mail Extension (S/MIME),Enhanced Security Services,E-mail Threats
Pgp-Pretty Good Privacy is the open source freely available tool to encrypt your emails then you can very securely send mails to others over internet without fear of eavesdropping by cryptanalyst.
Security Architecture and Design - CISSPSrishti Ahuja
Security Architecture and Design using CISSP guidelines, hardware and software security, kernel, virtualization, security models, ring model, security domains, BellLaPadula model, Biba model, Reading up and Writing down, Reading down and Writing up
The presentation covers the topic concerned with message authentication code, which is used to verify the message integrity (Message is modified or not?).
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
This material covers Authentication requirement, Authentication function, MAC, Hash function, Security of hash function and MAC, SHA, Digital signature and authentication protocols, DSS, Authentication protocols like Kerberos and X.509, entity authentication
A description about image Compression. What are types of redundancies, which are there in images. Two classes compression techniques. Four different lossless image compression techiques with proper diagrams(Huffman, Lempel Ziv, Run Length coding, Arithmetic coding).
An introduction to asymmetric cryptography with an in-depth look at RSA, Diffie-Hellman, the FREAK and LOGJAM attacks on TLS/SSL, and the "Mining your P's and Q's attack".
CMACs and MACS based on block ciphers, Digital signatureAdarsh Patel
cmcs
MACs based on Block Ciphers
Digital Signature
Properties , Requirements and Security of Digital Signature
Various digital signature schemes ( Elgamal and Schnorr )
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
Information And Data Security Block Cipher and the data encryption standard (DES) seminar
Mustansiriya University
Department of Education
Computer Science
Pretty Good Privacy,PGP Confidentiality and Authentication,Secure/Multipurpose Internet Mail Extension (S/MIME),Secure/Multipurpose Internet Mail Extension (S/MIME),Enhanced Security Services,E-mail Threats
Pgp-Pretty Good Privacy is the open source freely available tool to encrypt your emails then you can very securely send mails to others over internet without fear of eavesdropping by cryptanalyst.
Security Architecture and Design - CISSPSrishti Ahuja
Security Architecture and Design using CISSP guidelines, hardware and software security, kernel, virtualization, security models, ring model, security domains, BellLaPadula model, Biba model, Reading up and Writing down, Reading down and Writing up
The presentation covers the topic concerned with message authentication code, which is used to verify the message integrity (Message is modified or not?).
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
This material covers Authentication requirement, Authentication function, MAC, Hash function, Security of hash function and MAC, SHA, Digital signature and authentication protocols, DSS, Authentication protocols like Kerberos and X.509, entity authentication
This material covers Authentication requirement, Authentication function, MAC, Hash function, Security of hash function and MAC, SHA, Digital signature and authentication protocols, DSS, Authentication protocols like Kerberos and X.509, entity authentication
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Safalta Digital marketing institute in Noida, provide complete applications that encompass a huge range of virtual advertising and marketing additives, which includes search engine optimization, virtual communication advertising, pay-per-click on marketing, content material advertising, internet analytics, and greater. These university courses are designed for students who possess a comprehensive understanding of virtual marketing strategies and attributes.Safalta Digital Marketing Institute in Noida is a first choice for young individuals or students who are looking to start their careers in the field of digital advertising. The institute gives specialized courses designed and certification.
for beginners, providing thorough training in areas such as SEO, digital communication marketing, and PPC training in Noida. After finishing the program, students receive the certifications recognised by top different universitie, setting a strong foundation for a successful career in digital marketing.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Normal Labour/ Stages of Labour/ Mechanism of LabourWasim Ak
Normal labor is also termed spontaneous labor, defined as the natural physiological process through which the fetus, placenta, and membranes are expelled from the uterus through the birth canal at term (37 to 42 weeks
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
2. Table of Contents
1. Message Authentication Requirements
2. Message Authentication Functions
3. Requirements for Message Authentication Code
4. Security of MACs
5. MACs Based on Hash Functions:HMAC
6. MACs Based on Block Ciphers: DAA and CMAC
7. Authenticated Encryption:CCM and GCM
8. Key Wrapping
9. Pseudorandom Number Generation Using Hash
Functions and MACs
2
3. Message Authentication Requirements (1/2)
• 1. Disclosure: Release of message contents to any person or process not
possessing the appropriate cryptographic key.
• 2. Traffic analysis: Discovery of the pattern of traffic between parties
• 3. Masquerade: Insertion of messages into the network from a fraudulent
source.
• 4. Content modification: Changes to the contents of a message, including
insertion, deletion, transposition, and modification.
• 5. Sequence modification: Any modification to a sequence of messages
between parties, including insertion, deletion, and reordering.
• 6. Timing modification: Delay or replay of messages.
• 7. Source repudiation: Denial of transmission of message by source.
• 8. Destination repudiation: Denial of receipt of message by destination.
3
4. Message Authentication Requirements (2/2)
• a procedure to verify that received messages come from
the alleged source and have not been altered.
• verify sequencing and timeliness.
• A digital signature is an authentication technique that also
includes measures to counter repudiation by the source.
4
5. Message Authentication Functions (1/10)
Autenticator may be grouped into three classes.
• Hash function: A function that maps a message of any
length into a fixedlength hash value, which serves as the
authenticator
• Message encryption: The ciphertext of the entire message
serves as its authenticator
• Message authentication code (MAC): A function of the
message and a secret key that produces a fixed-length
value that serves as the authenticator
5
6. Message Authentication Functions (2/10)
6
Symmetric Encryption
A message M transmitted from source A to destination B is
encrypted using a secret key K shared by A and B. If no other
party knows the key, then confidentiality is provided: No other
party can recover the plaintext of the message.
In addition, B is assured that the message was generated by A
M M
E D
Key Key
E(K, M)
Source Destination
7. Message Authentication Functions (3/10)
7
M M
E D
PUb PRb
E(PUb, M)
Source A Destination B
Public-key Encryption (1/3)
Public-Key encryption: confidentiality
The source (A) uses the public key PUb of the destination (B) to encrypt M.
Because only B has the corresponding private key PRb,
only B can decrypt the message.
Provides no authentication, because any opponent could also use
B’s public key to encrypt a message and claim to be A.
8. Message Authentication Functions (4/10)
Public-key Encryption (2/3)
The message must have come from A because A is the only party that
possesses PRa and therefore the only party with the information
necessary to construct ciphertext that can be decrypted with PUa.
8
M M
E D
PRa PUa
E(PRa, M)
Source A Destination B
Public-Key encryption: authentication and signature
9. Message Authentication Functions (5/10)
Public-key Encryption (3/3)
• To provide both confidentiality and authentication, A can encrypt M first using its
private key, which provides the digital signature, and then using B’s public key,
which provides confidentiality. The disadvantage of this approach is that the
public-key algorithm, which is complex, must be exercised four times rather than
two in each communication
9
M E E
PRa PUa
E(PRa, M)
Source A Destination B
Public-Key encryption: confidentiality, authentication, and signature
M
D D
PRb PUa
E(PRa, M)
E(PUb, E(PRa, M))
10. Message Authentication Functions (6/10)
Message Authentication Code (1/5)
• This technique assumes that two communicating parties,
say A and B, share a common secret key K. When A has a
message to send to B, it calculates the MAC as a function
of the message and the key
MAC = C(K, M)
• M = input message
• C = MAC function
• K = shared secret key
• MAC = message authentication code
10
11. Message Authentication Functions (7/10)
Message Authentication Code (2/5)
11
M
M
C
K
Source A
Destination B
C(K, M)
C
K
Compare
Message authentication
12. Message Authentication Functions (8/10)
Message Authentication Code (3/5)
12
M
M
C
K1
E(K2, [M||C(K1, M)])
Message authentication and confidentiality:
authentication tied to plaintext
E
K2
M
C(K, M)
C
K1
Compare
D
K2
13. Message Authentication Functions (9/10)
Message Authentication Code (4/5)
13
M
C
K1
C(K1, E(K2, M))
E
K2
M
C K1
Compare
D
K2
E(K2, M)
Message authentication and confidentiality:
authentication tied to ciphertext
14. Message Authentication Functions (10/10)
Message Authentication Code (5/5)
• There are a number of applications in which the same
message is broadcast to a number of destinations
• An exchange in which one side has a heavy load and
cannot afford the time to decrypt all incoming messages.
• The computer program can be executed without having to
decrypt it every time, which would be wasteful of
processor resources.
14
15. Requirements for Message Authentication Codes
• If an opponent observes M and MAC(K, M), it should be
computationally infeasible for the opponent to construct a
message M such that
MAC(K, M) = MAC(K, M)
• MAC(K, M) should be uniformly distributed in the sense
that for randomly chosen messages, M and M, the
probability that
MAC(K, M) = MAC(K, M)
is 2-n, where n is the number of bits in the tag.
• Let M be equal to some known transformation on M. That
is, M = f(M). For example, f may involve inverting one or
more specific bits. In that case,
Pr [MAC(K, M) = MAC(K, M)] = 2-n
15
16. Security of MACs
• Brute-Force Attacks
– Computation resistance: Given one or more text-MAC pairs [xi,
MAC(K, xi)], it is computationally infeasible to compute any text-
MAC pair [x, MAC(K, x)] for any new input x≠xi.
– the level of effort for brute-force attack on a MAC algorithm can be
expressed as min(2k, 2n)
– k: key length
– n: number of MAC bits
• Cryptanalysis
– That is, an ideal MAC algorithm will require a cryptanalytic effort greater than or equal to the
brute-force effort.
16
17. MACs Based on Hash Functions:HMAC (1/6)
• There has been increased interest in developing a MAC
derived from a cryptographic hash function
– Cryptographic hash functions such as MD5 and SHA generally
execute faster in software than symmetric block ciphers such as
DES.
– Library code for cryptographic hash functions is widely available.
• HMAC
– issued as RFC 2104,
– has been chosen as the mandatory-to-implement MAC for IP security
– is used in other Internet protocols, such as SSL
17
18. MACs Based on Hash Functions:HMAC (2/6)
• HMAC Design Objectives (RFC 2104)
– To use, without modifications, available hash functions.
– To allow for easy replaceability of the embedded hash function
– To preserve the original performance of the hash function
– To use and handle keys in a simple way
– To have a well understood cryptographic analysis
18
19. MACs Based on Hash Functions:HMAC (3/6)
• HMAC(K,M)
= H[(K+ ⊕ opad) ∥
H[(K+ ⊕ ipad) ∥M]]
• H = embedded hash function (e.g., MD5,
SHA-1, RIPEMD-160)
• IV = initial value input to hash function
• M = message input to HMAC (including the
padding specified in the embedded
• hash function)
• Yi = i th block of M, 0 … i … (L - 1)
• L = number of blocks in M
• b = number of bits in a block
• n = length of hash code produced by
embedded hash function
• K = secret key; recommended length is Ú n; if
key length is greater than b, the
• key is input to the hash function to produce an
n-bit key
• K+ = K padded with zeros on the left so that
the result is b bits in length
• ipad = 00110110 (36 in hexadecimal) repeated b/8
times
• opad = 01011100 (5C in hexadecimal) repeated b/8
times
19
20. MACs Based on Hash Functions:HMAC (4/6)
1. Append zeros to the left end of K to create a b-bit string K+
2. XOR (bitwise exclusive-OR) K+ with ipad to produce the b-bit
block Si.
3. Append M to Si.
4. Apply H to the stream generated in step 3.
5. XOR K+ with opad to produce the b-bit block So.
6. Append the hash result from step 4 to So.
7. Apply H to the stream generated in step 6 and output the result.
20
21. MACs Based on Hash Functions:HMAC (5/6)
• Efficient Implementation
of HMAC
21
22. MACs Based on Hash Functions:HMAC (6/6)
• Security of HMAC
– the probability of successful attack on HMAC is equivalent to
one of the following attacks on the embedded hash function.
The attacker is able to compute an output of the compression
function even with an IV that is random, secret, and unknown to the
attacker
For a hash code length of 128 bits, this requires 264 observed blocks
(272 bits) generated using the same key.
if speed is a concern, it is fully acceptable to use MD5 rather than
SHA-1 as the embedded hash function for HMAC.
22
23. MAC s Based on Block Ciphers: DAA and CMAC (1/3)
• Data Authentication Algorithm (DAA)
– (FIPS PUB 113) and an ANSI standard
– Security weaknesses in this algorithm have been discovered
– using the cipher block chaining (CBC) mode of operation of DES
• Cipher-Based Message Authentication Code (CMAC)
– use with AES and triple DES
• AES; key length: 128, 192, 256bit. Block size: 128bit
• Triple-DES; key length: 112 or 168bit. Block size: 64bit
– NIST 800-38B
23
24. MAC s Based on Block Ciphers: DAA and CMAC (2/3)
24
• Data Authentication Algorithm (DAA)
25. MAC s Based on Block Ciphers: DAA and CMAC (3/3)
• Cipher-Based Message Authentication Code (CMAC)
25
26. Authenticated Encryption: CCM and GCM (1/7)
• Authenticated encryption: AE
– simultaneously protect confidentiality and authenticity (integrity) of
communications.
• Four common approaches to providing both
confidentiality and encryption for a message M.
– Hashing followed by encryption (H->E)
• First compute the cryptographic hash function over M as h = H(M).
• Then encrypt the message plus hash function: E(K, (M} h))
– Authentication followed by encryption (A->E)
• First authenticate the plaintext by computing the MAC value as T = MAC(K1, M).
• Then encrypt the message plus tag: E(K2, [M||T ]).
– Encryption followed by authentication (E->A)
• First encrypt the message to yield the ciphertext C = E(K2, M).
• Then authenticate the ciphertext with T = MAC(K1, C) to yield the pair (C, T).
– Independently encrypt and authenticate (E+A).
• Encrypt the message to yield the ciphertext C = E(K2, M).
• Authenticate the plaintext with T = MAC(K1, M) to yield the pair (C, T).
26
27. Authenticated Encryption: CCM and GCM
• Counter with Cipher Block Chaining-Message Authentication
Code
– a variation of the encrypt-and-MAC approach to authenticated
encryption.
– AES, CTR, CMAC
– A single key K is used for both encryption and MAC algorithms.
27
Authenticated Encryption: CCM and GCM (2/7)
30. Authenticated Encryption: CCM and GCM (5/7)
• Galois/Counter Mode
– standardized by NIST in NIST SP 800-38D
– designed to be parallelizable so that it can provide high throughput
with low cost and low latency.
– the message is encrypted in variant of CTR mode
– GHASH, which is a keyed hash function, and GCTR, which is
essentially the CTR mode
30
GHash
33. Key Wrap (1/3)
• Most recent block cipher mode of operation defined by NIST
– Uses AES or triple DEA as the underlying encryption algorithm
• Purpose is to securely exchange a symmetric key to be shared
by two parties, using a symmetric key already shared by these
parties
– The latter key is called a key encryption key (KEK)
• Robust in the sense that each bit of output can be expected to
depend in a nontrivial fashion on each bit of input
• Only used for small amounts of plaintext
33
36. Pseudorandom Number Generation Using Hash
Functions and MACs (1/2)
• The essential elements of any pseudorandom number
generator
– Seed value
– Deterministic algorithm for generating a stream of pseudorandom
bits
36
PRNG using cryptographic hash function PRNG using HMAC
37. Pseudorandom Number Generation Using Hash
Functions and MACs (2/2)
37
m = [n/outlen]
w0 = V
W = the null string
For i = 1 to m
wi = MAC(K, wi-1)
W = W||wii
Return leftmost n bits of W
m = [n/outlen]
W = the null string
For i = 1 to m
wi = MAC(K, (V|| i))
W = W||wi
Return leftmost n bits of W
m = [n/outlen]
A(0) = V
W = the null string
For i = 1 to m
A(i) = MAC(K, A(i - 1))
wi = MAC(K, (A(i) }V)
W = W||wi
Return leftmost n bits of W
NIST SP 800-90 IEEE 802.11i TLS/WTLS